06/19/06 MON 10:24 FAX 9727183946 



VERIZON IP 



USPATENT-AMEND !2l013 



REMARKS/ARGUMENTS 

L Introduction 

This amendment is submitted in response to the Office Action dated March 
23, 2006. 

Claim 8 is canceled. Claims 1, 2, and 7 have been previously canceled. 

Accordingly, Giaims 3-6 and 9-23 are now pending- 
Claims 4, 10, 13, and 19 stand objected to for informalities. Claims 4, 10, 13. 

and 19 have been amended to correct these infoimalities, as suggested by the 

Examiner. 

Claims 4, 5, 10, 11, 12, 14, 16, and 18 stand rejected under 35 U.S.C. 102(e) 
as being anticipated by U.S. Patent No. 6,424,620 Bl to Nishihara (hereinafter "tJie 
Nishihara patent"). In addition, claim 3 stands rejected under 35 U,S,C. 103(a) as 
being unpatentable over the Nishihara patent in view of an art of record, "ICMP 
Traceback Messages** by Bellovin and Leech AT&T Labs Research (hereinafter *the 
Bellovin et al. publication"). Additionally, claims 6 and 15 stand rejected under 35 
U.S.C. 103(a) as being unpatentable over the Nishihara patent in view of U.S. Patent 
No. 6,208,653 Bl to Ogawa et al (hereinafter "the Ogawa et al. patent"). In addition, 
claim 8 stands rejected under 35 U.S.C 103(a) as being unpatentable over the 
Nishihara patent in view of U-S. Patent No. 6,144,714 to Bleiweiss et al. (hereinafter 
"the Bleiweiss et al. patent"). Finally, claim 13 stands rejected under 35 U.S.C. 
103(a) as being unpatentable over the Nishihara patent in view of U.S. Patent No. 
6,657,961 Bl to Lanflfenburger et al. (hereinafter '^e Lauffenbureer et al. patent). 

Claims 9, 17, and 19-23 stand objected to, but would be allowable if rewritten 
in independent form. Applicant thanks the Examiner for this allowability. Claims 9, 
17, and 19 have been amended as independent claims, including all inherent 
limitations. Therefore, claims 9, 17, and 19-23 (as amended) are in condition for 
allowance. 
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Applicant wi ll now address and overcome each of the Examiner's 
rejections after summarizing the invention. 

n« Summary of the Invention 

The present invention is directed to a system for providing an anti- 
flooding flow-control mechanism for use in defending against flooding Denial of 
Service attacks. Embodiments of the invention utilize traffic baseline generation, 
dynamic buffer management, and early traffic regulation. Baseline statistics on the 
flow rates for flows of data corresponding to different classes of packets are 
generated. When a router senses congestion, the router may drop certain traffic based 
on the flow rate of that class of traffic compared to the baseline rate for that class, as 
well as whether the traffic is responsive to flow control signals. Further, the system 
may cause notification to nodes upstream of the congested node, so that the upstream 
nodes can restrict traffic flow based on class of traffic before it is sent along to the 
affected (congested) node. This may be accomplished by the congested node 
requesting routing information Scorn the destination node in order to determine which 
nodes are upstream of the congested nodes, and then sending a traffic control signal 
to the upstream node. 

Another aspect of some embodiments of the invention wait for 
congestion to occur over a pre-selected period of time before dropping traffic at or 
destined for the node. 
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III. The Nishihara patent 

In contrast to the present invention, the Nisbihara patent utilizes a Network 
Monitor to determine where congestion in an ATM network is occurring, and which 
nodes in the network need to cut back on traffic flow to alleviate the congestion (see 
col. 7, lines 49-55). In no case does the Nishihara patent teach purposely dropping 
traffic at the congested node, as is taught in the present invention. The Nishihara 
patent discloses restricting traffic at a source edge device if there is congestion at a 
destination edge device (see coL 9, lines 41-52), and re-routing traffic around a 
congested node device within the ATM network (see col. 9, lines 62-67). 

Another critical difference between the Nishihara patent and the present 
invention is that the Nishihara patent immediately responds to a congestion situation 
(see col. 9, lines 37-40), whereas the present invention includes embodiments that 
wait to see whether a congestion situation remains for a prescribed period of time 
before taking action, in order to avoid dropping traffic due to a transient situation. 

Still another critical difference between the Nishihara patent and the present 
invention is that touting of congestion information in the Nishihara patent is 
accomplished by sending packets &om source to destination, and reply packets from 
destination to source, wherein a portion of the packet contains flow rates, and 
int^mediate nodes intercept these packets and may modify the data in order to 
accomplish flow control (see col. 9, lines 26-67). In contrast, the present invention 
utilizes the node that is experiencing a congestion problem to request from the 
destination node the identity of the paths leading to the destination node, including 
upstream nodes from the congested node. Once these i^stream nodes are identified, 
the congested node can send requests to the upstream nodes to restrict traffic toward 
the congested node. 
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IV. Claims 4. 5. 6. 10. 11, 12, 13, 14. 15. and 16 are Patentable Based 
on "Preselected Period of Time^ Limitation 

Claims 4, 5, 6, 10, 1 1, 12, 13, 14, 15, and 16 each contain a limitation as 
exemplified in Claim 4 . This limitation is: "detecting congestion in a first node 
along a pacl^et flow path between a source device and a destination device^ 
including the step of monitoring to detect when said first node is saturated with 
packet traffic for a preselected period of time'' . As described above, the Nishihara 
patent does not monitor for traffic saturation for a preselected period of time . 

The Examiner argues on p. 3 of the Office Action that "the congestion would 
continue for a pre-selected period until the condition in formula (1) is no longer true; 
i.e. congestion no longer exists^\ While it may be true that the congestion in the 
Nishihara patent, once identified, is only remedied at some time in the future, there 
are at least three critical differences between such a period and apphcant's 
'*preselected period of time". 

First, congestion may or may not continue until the Nishihara patent instructs 
an upstream node to control the average flowing speed. The congestion may be a 
temporary spike in traffic, returning on its own to an "acceptable" flow rate. In 
contrast, applicant's limitation requires the saturation to persist for a preselected 
period of time. 

Second, any time lapse in the Nishihara patent between detecting congestion 
and remedying the problem is dependent on many factors, such as the number of 
intervening nodes, computation times, etc. There is no teaching or suggestion of 
preselecting a time dining which congestion (or saturation) must persist in the 
Nishihara patent, as opposed to the limitation of applicant's invention of a preselected 
period of time. 

Third, there is no teaching or suggestion in the Nishihara patent of 
"monitoring to detect when said first node is saturated with packet traffic for a 
preselected period of time ". Even, if the Nishihara patent has an inherent lag time 
during which congestion may continue, there is nothing to suggest detecting 
saturation for that period of time. On the contrary, the Nishihara patent teaches 
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detecting saturation, and immediately setting out to remedy the situation, as opposed 

to applicant's claim 4, which requires monitoring during the preselected period of 

time to detect saturation over that entire period . 

The Examiner refers on p. 3 to the: 

"Nakamura et al (USPN 6,463,036 B2) in coL /, lines 57-col 2, lines 7. 
Therefore, it is inherent that node 24 must detect when the node is 
congested with cell traffic for a pr^'Selected period of time). " 

On the contrary, this reference teaches away from detecting saturation for a 
preselected period of time. Rather than wait for a preselected period of time to see 
whether congestion occurs during that period, this patent describes the existing 
technology of inserting RM cells into a user cell flow at a fixed period, transmitting 
the cells to a terminal point where congestion infomiation is added to the cells, and 
retunjing the cells to the transmitting origin to lower the cell transmission speed to 
evade congestion (coL 1 , line 59 to col, 2, hue 2). The patent then goes on to describe 
a method of speeding up this process, to cut the time over which the congestion 
occurs. There is no teaching or suggestion of having a preselected period of time, or 
of detecting saturation over that preselected period of time. 

Therefore, for at least these reasons, claim 4 is patentable over any 
combination of the Nishihara, patent and the Nakamura et al, patent. Because they 
depend from claim 4, claims 5 and 6 are also patentable over these references. 

Claim 10 contains the limitations: 

"opet* ating the second node to detect when the 
second node Is saturated with traffic for a period of time'' and 

*in response to detecting that said second node is 
saturated witb traffic for said period of time, operating the second 
node . . 

The Examiner states on p. 5 of the Office Action: **node 24 must detect the 
occuxrence of the congestion/outside blocking at the node and the node would still be 
congested when the BRM is generated". First, as described above, the node may or 
may not still be congested when the BRM is generated. In contrast, applicant's 
invention would "detect when the second node is saturated with traffic for a period of 
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time". Therefore, if the congestion is a temporary spike, the Nishihara patent would 
still send a BRM to reduce traffic flow, whereas appUcant's invention would not 
restrict traffic flow, because the saturation would be found not to exist for a period 
of time. 

For this reason, and for the reasons argued above wift regard to claim 4, 
claim 10 is patentable over the cited references. Because they depend from claim 
10. claims 11, 12, 13, 14, IS, and 16 are also patentable over the cited references. 



V. <;:iaiins 3. 5. 6. 11. 12. 13. 14, 1 5. and 16 are patentable gased on 
w poqiipstin^ Pafli Info rmation'* Limitation 

Claims 3, 5. 6, 1 1, 12, 13, 14, 15, and 16 each contain a limitation as 
exenq)lified in Claim 3 . This limitation is: "transmitting a signal to said 
destination device requesting path information". The Examiner states on p. 9 of 
the Office Action: •However, Nishihara Ms to teach identifying a node in said path 
preceding said first node which includes transmitting a signal to the destination 
device requesting path information." Applicant agrees with tiiis deficiency of the 
Nishihara patent. 

The Examiner ^es on to state that the Bellovin publication teaches an ICMP 
Traceback message which it would have been obvious to incorporate into the 
Nishihara patent, and the result would be applicant's "requesting path information" 
limitation. 

Fii^t, there is no reason to combine tiie Bellovin publication with the 
Nishihara patent, as the former is directed to Denial of Service attacks, and the latter 
is directed to a congestion control system. 

Second, the Bellovin publication does not teach "transmitting a signal to said 
destination device requesting path information". To the contrary, the publication 
teaches sending multiple ICMP Traceback messages randomly from multiple routers 
in a network (section 3, paragraph 2), with the hope that "With enough Traceback 
messages from enough routers along the path, the traffic source and path can be 
detennined." There is no teaching or suggestion of a destination device having the 
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path mfbtmation, nor of another node transmitting a signal to the destination device 
requesting path information. Again, the purpose of such a technique is to allow 
network administrators to piece together the identity of the origination device causing 
flooding of a network. As is stated in section 7, "It is limited to those [denial of 
service attacks] where a significant amount of traffic is coming fiom a relatively 
small number of sources." 

In conclusion, even if the Bellovin pubUcation teachings were inooiporatcd 
into the Nishihara patent, the resultant system would not teach or suggest 
"transmitting a signal to said destbialion device requesting path information". 
Therefore, claim 3 is patentable over the cited references. 

riaim 5 contains the limitetion •'wberein said traffic regulation signal further 
includes packet flow path information". The Examiner states on p. 4 of the Office 
Action that the BRM packet includes flow path information. Applicant respectfWly 
disagrees. As shown in Fig. 5 and described at col. 10, lines 19-36, the BKM packet 
contains only the addresses of the source and destination nodes, along with the 
address of any transfer node which is congested. This teaches away from "flow path" 
infomiation of applicant's invention. The Nishihara patent operates by controlling 
source and destination edge devices to identify and control congestion within the 
network, and therefore has no need to (and does not) identify path information. On 
the contrary, applicant's invention utilizes path infonnation to identify nodes 
upstream of congested nodes, in order to control congestion at these upstream nodes. 

Based at least on the above limitation, claim 5 is patentable over the 
Nishihara patent. Therefore, dependent claim 6 is patentable over the Nishihara 
patent. 

Claim 11 contains the limitation "initiatiDg a path deternunation operation 
to determine at least a portion of a path of a flow causing congestion at said 
second node". The Examiner claims on p. 5 of the Office Action that because die 
Nishihara patent includes the addresses of the source and destination nodes, it 
Inherently initiates a path determination operation, in order for the BRM packet to "be 
returned correctly to the source node 23". However, at col. 9, lines 30-34 it states: 
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•The RM packet and the BRM packet axe transferred being relayed by the respective 
node devices 25-1 ... 25-N according to the destination information, in the same way 
as a user packet". This again teaches away from determining path information. The 
packets are given a destination address, and pass node-to-node to that destination, 
using the tables in each node along the way to identify the next intermediate node. 
There is certainly no "path determination operation to determine at least a portion of a 
path of a flow causing congestion'^ The only path determined (again, on a node-by- 
node basis) is the path that the RM or BRM packet takes to its destination address. 

For at least these reasons, claim 11 is patentable over the Nishihara patent. 
Therefore, dependent claims 12» 13, 14, 15, and 16 are also patentable over the 
cited references. 



determining the path of at least one packet flow causing congestion at said first 
network node". The Examiner state on p. 6 of the Office Action: 



the traffic flow path determination means reads on the BRM packet 
inserting unit 78 in Fig. 4 which must determine the path of the flow 
between the source node 23 and the destination node 24 in order to 
correctly return the BRM packet to the source node 23 according to the 
destination information, i,e. via the respective node devices 25-N, . .,.25-1, 
col 12. lines 26-30, see also col 9, lines 26-33. 



As described above, the Nishihara patent teaches passing BRM packets node- 
to-node to the destination address, using tables in each node along the way to identify 
the next intermediate node (col. 9, lines 30-34). Again, this teaches away fix)m 
applicant's "traffic flow determination means for determining the path of at least one 
packet flow cansing congestion at said first network node". The Nishihara patent 
routes packets according to their destination address, and applicant's invention 
determines the path of the packet flow which caused the congestion. 

For at least these reasons, claim 18 is patentable over the Nishihara patent. 




Claim 18 contains the limitation "traffic flow determination means for 



16 



PAGE 20/2rRCVDAT6/lM11:22:56 AM [Eastern DayOghtm^^ 



06/19/06 MON 10:26 FAX 9727183946 



VERIZON IP 



USPATENT-AMEND 



VI. Conclusion 

Claims 3-6 and 9-23, as amended, are not rendered 
unpatentable by any combination of the cited references, and dierefore it is 
respectfully submitted that they are in condition for allowance. Applicant respectfully 
submits that the pending claims are in condition for allowance. Accordingly, 
Applicant requests that the Examiner pass this application to issue. 

If tliere are any outstanding issues which need to be resolved to place 
the application in condition for allowance the Examiner is invited to contact 
Apphcant's undersigned representative by phone to discuss and hopefully resolve 
said issues. To the extent necessary, a petition for extension of tijne under 37 C.F.R. 
1 . 136 is hereby made, the fee for which should be charged to Patent Office deposit 
account number 07-2347. 



Respectfully submitted, 

June 1 9, 2006 C^^^j^iC^ 

Joel Wall,^^fe)rney 
Reg. No. ^648 
Tel.; (972) 718-4800 

Verizon Corporate Setvices Group Inc. 
600 Hidden Ridge Drive 
Mail Code: HQE03H14 
Irving, Texas 75038 
(972)718-4800 



CERTIFICATE OF MAILING/TRANSMISSION (37 CFR 1.8(a)) 

I hereby certify that this correspondence is, on the date shown below, being 
transmitted by facsimile to the United States Patent Office at 571-273-8300. 



Dated: June 19, 2006 Signature: . /!U^U>^L^ 

(Christian R. Andersen) 
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